# Copyright 2020-2021 Fugue, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
package tests.rules.tf.aws.cloudtrail.inputs.log_file_validation_infra_tf

import data.fugue.resource_view.resource_view_input

mock_input := ret {
  ret = resource_view_input with input as mock_config
}
mock_resources := mock_input.resources
mock_config := {
  "hcl_resource_view_version": "0.0.1",
  "resources": {
    "aws_cloudtrail.invalid_trail": {
      "_filepath": "tests/rules/tf/aws/cloudtrail/inputs/log_file_validation_infra.tf",
      "_provider": "aws",
      "_type": "aws_cloudtrail",
      "depends_on": [
        "aws_s3_bucket_policy.policy"
      ],
      "enable_log_file_validation": false,
      "id": "aws_cloudtrail.invalid_trail",
      "name": "invalid_trail",
      "s3_bucket_name": "aws_s3_bucket.trail_bucket"
    },
    "aws_cloudtrail.valid_trail": {
      "_filepath": "tests/rules/tf/aws/cloudtrail/inputs/log_file_validation_infra.tf",
      "_provider": "aws",
      "_type": "aws_cloudtrail",
      "depends_on": [
        "aws_s3_bucket_policy.policy"
      ],
      "enable_log_file_validation": true,
      "id": "aws_cloudtrail.valid_trail",
      "name": "valid_trail",
      "s3_bucket_name": "aws_s3_bucket.trail_bucket"
    },
    "aws_s3_bucket.trail_bucket": {
      "_filepath": "tests/rules/tf/aws/cloudtrail/inputs/log_file_validation_infra.tf",
      "_provider": "aws",
      "_type": "aws_s3_bucket",
      "force_destroy": true,
      "id": "aws_s3_bucket.trail_bucket"
    },
    "aws_s3_bucket_policy.policy": {
      "_filepath": "tests/rules/tf/aws/cloudtrail/inputs/log_file_validation_infra.tf",
      "_provider": "aws",
      "_type": "aws_s3_bucket_policy",
      "bucket": "aws_s3_bucket.trail_bucket",
      "id": "aws_s3_bucket_policy.policy",
      "policy": "{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Sid\": \"Sid1\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"Service\": \"cloudtrail.amazonaws.com\"\n            },\n            \"Action\": \"s3:GetBucketAcl\",\n            \"Resource\": \"aws_s3_bucket.trail_bucket\"\n        },\n        {\n            \"Sid\": \"Sid2\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"Service\": \"cloudtrail.amazonaws.com\"\n            },\n            \"Action\": \"s3:PutObject\",\n            \"Resource\": \"aws_s3_bucket.trail_bucket/AWSLogs/data.aws_caller_identity.current/*\"\n        }\n    ]\n}\n"
    },
    "data.aws_caller_identity.current": {
      "_filepath": "tests/rules/tf/aws/cloudtrail/inputs/log_file_validation_infra.tf",
      "_provider": "aws",
      "_type": "data.aws_caller_identity",
      "id": "data.aws_caller_identity.current"
    }
  }
}

